Zoek.exe v5.0.0.0 Updated 14-April-2014 Tool run by lucky on za 03/05/2014 at 8:01:29,70. Microsoft® Windows Vista™ Home Premium 6.0.6001 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\lucky\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\services.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\PC Speed Up\PCSUService.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe C:\Windows\Explorer.EXE C:\Windows\system32\Dwm.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\TuneUp Utilities 2013\TUAutoUpdateCheck.exe C:\Windows\system32\SearchProtocolHost.exe C:\Users\lucky\Downloads\zoek.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe ==== System Restore Info ====================== 3/05/2014 8:04:49 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Babylon deleted successfully C:\Users\lucky\AppData\Roaming\Nico Mak Computing deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-515218178-1156182028-4208866919-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3bbd3c14-4c16-4989-8366-95bc9179779d} deleted successfully HKEY_USERS\S-1-5-21-515218178-1156182028-4208866919-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{77f8c945-4b74-4bd6-a073-e0d1997edce8} deleted successfully HKEY_USERS\S-1-5-21-515218178-1156182028-4208866919-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B} deleted successfully HKEY_USERS\S-1-5-21-515218178-1156182028-4208866919-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully HKEY_USERS\S-1-5-21-515218178-1156182028-4208866919-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FEB703F7-E7B2-4AB0-9566-87658AC70095} deleted successfully HKEY_USERS\S-1-5-21-515218178-1156182028-4208866919-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-515218178-1156182028-4208866919-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully HKEY_USERS\S-1-5-21-515218178-1156182028-4208866919-1000\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e} deleted successfully HKEY_USERS\S-1-5-21-515218178-1156182028-4208866919-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully HKEY_USERS\S-1-5-21-515218178-1156182028-4208866919-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_CLASSES_ROOT\CLSID\{3bbd3c14-4c16-4989-8366-95bc9179779d} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3bbd3c14-4c16-4989-8366-95bc9179779d} deleted successfully HKEY_CLASSES_ROOT\CLSID\{77f8c945-4b74-4bd6-a073-e0d1997edce8} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77f8c945-4b74-4bd6-a073-e0d1997edce8} deleted successfully HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully HKEY_CLASSES_ROOT\CLSID\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully HKEY_CLASSES_ROOT\CLSID\{FEB703F7-E7B2-4AB0-9566-87658AC70095} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-515218178-1156182028-4208866919-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{3bbd3c14-4c16-4989-8366-95bc9179779d} deleted successfully HKEY_USERS\S-1-5-21-515218178-1156182028-4208866919-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{3bbd3c14-4c16-4989-8366-95bc9179779d} deleted successfully HKEY_USERS\S-1-5-21-515218178-1156182028-4208866919-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{77f8c945-4b74-4bd6-a073-e0d1997edce8} deleted successfully HKEY_USERS\S-1-5-21-515218178-1156182028-4208866919-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{77f8c945-4b74-4bd6-a073-e0d1997edce8} deleted successfully HKEY_USERS\S-1-5-21-515218178-1156182028-4208866919-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-515218178-1156182028-4208866919-1000\Software\mozilla\Firefox\Extensions\{58bd07eb-0ee0-4df0-8121-dc9b693373df} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{3bbd3c14-4c16-4989-8366-95bc9179779d} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{3bbd3c14-4c16-4989-8366-95bc9179779d} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{77f8c945-4b74-4bd6-a073-e0d1997edce8} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{77f8c945-4b74-4bd6-a073-e0d1997edce8} deleted successfully ==== Installed Programs ====================== Adobe Flash Player 13 ActiveX CCleaner Facebook Video Calling 2.0.0.447 Google Chrome Google Toolbar for Internet Explorer Google Update Helper Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) iTunes Java Auto Updater Java(TM) 6 Update 30 Junk Mail filter update Malwarebytes Anti-Malware versie 2.0.1.1004 Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 MSVCRT Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) Skype Click to Call SkypeT 6.3 SweetPacks bundle uninstaller TuneUp Utilities 2013 TuneUp Utilities Language Pack (nl-NL) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update Manager for SweetPacks 1.1 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live Mail Windows Live Messenger ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TuneUp.UtilitiesSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TuneUp.UtilitiesSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCSUService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PCSUService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\SrvUpdater deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrvUpdater deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\SrvUpdater deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SrvUpdater deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3bbd3c14-4c16-4989-8366-95bc9179779d}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=-